제출 #673773: code-projects Client Details System V1.0 SQL Injection정보

제목code-projects Client Details System V1.0 SQL Injection
설명A critical SQL Injection vulnerability exists in clientdetails/welcome.php via the ID GET parameter. The application embeds ID unescaped into backend SQL, enabling attackers to alter query logic and inject additional statements. Because input is not sanitized and prepared statements are not used, the endpoint is susceptible to multiple exploitation techniques.
원천⚠️ https://github.com/hellonewbie/tutorial/issues/6
사용자
 ZengY (UID 91559)
제출2025. 10. 12. AM 11:02 (8 개월 ago)
모더레이션2025. 10. 26. AM 05:59 (14 days later)
상태수락
VulDB 항목329914 [code-projects Client Details System 1.0 GET Parameter welcome.php 아이디 SQL 주입]
포인트들19

이전개요다음

Do you need the next level of professionalism?

Upgrade your account now!